Category Archives: blog

Microsoft seeks to patent user-generated search results, with a twist that might just make it work

A patent application filed in December of 2007 (not yet granted) by Microsoft reveals an interesting spin on the much-touted idea of the human search engine, one that in theory just might succeed where others have failed by building a real economy around hand-crafted search results.

When thinking of community-powered search engines or “open source” search engines as this patent affectionately mentions, the first thing that probably comes to mind is Mahalo, especially with the new focus on monetary incentives since its relaunch earlier this month. Whilst there are definitely similarities between the two ideas, there is at least one minor but important difference which I think gives Microsoft’s model an edge.

In this particular implementation, the patent suggests users generate targeted search results in the form of lists with numerous relevant web links and even a custom excerpt describing the contents and why it’s relevant. These lists then appear on the results page of the targeted queries next to the conventional results. It is therefore not a search engine that depends entirely on user-generated results; quite the opposite, the lists are almost branded as “ads”, as suggested in the mockup above.

Next, to motivate users to create high-quality result lists, the patent describes a system of offering monetary incentives for creators who generate “popular” lists, based on volume and/or rankings by other users, tracking clicks and other measurements on the results set.

In order to fuel the economy between creating lists from queries and generating revenues for creators, ad revenues from ads that are shown on websites are used to pay the creators. However, ads are not the only mechanism that may be used to generate revenues. Revenues from a subscription or usage could also be used depending on how the present invention is implemented. The economy provides flexibility by allowing creators to generate popular lists and allowing creators to invest in new entrants into the economy.

So far everything might sound rather predictable for a community-powered search engine, but the other side of the coin is what sets this system apart. Instead of a free-for-all system where anyone can create a results list for any topic or query, this patent also describes an economy for targeting queries.

A user […] can create a list targeting a query. The list is sent to servers to be shown to the public whenever the list is accessed. However, a link to the list is [only] shown to the public when [the] creator pays a value or rent. The amount that creator pays depends on the query, which has an assigned value. Regardless of the size of the generated list, [the] creator pays the value or rent commensurate with the assigned value to the query. Higher value queries command higher payments or rents.

This barrier to entry for publishing a list is what sets this system apart from other implementations I’ve witnessed. The system is no longer just an opportunity to earn some loose change; it actually deters low-quality lists and also builds competition between list creators for a limited number of spaces per query. The word “rent” is of particular interest since it suggests that this may be a fee over time.

Furthermore, there may also be very much a risk involved in creating bad lists. For example, incurring a loss if a list is bad or not updated over time.

As embodiments of the present invention describe incentives for [the] creator to generate a good list, embodiments of the present invention deter the creation of bad lists. If a list is not popular, it will not earn income. Over time, a bad list will lose its opportunity to be shown to the public in favor of more popular lists. This can occur even if the creator has initially paid a value or rent to be shown. For one thing, there is only a limited amount of space where a link can be shown on a web page. It is highly competitive to get a list to be shown and to keep the list being shown. The incentive is to create a good list that will be popular in order to keep it in the public view for as long as possible.

And an example of what a list might look like, for “in-wall microwaves”, a high-valued query I’m sure.

I think such an unforgiving incentive program and economy behind this idea is what is needed to make user-generated search results not only work well but work over time. Certainly I’ll be interested to see if Microsoft or any company has the guts to realize this idea in practice.

Microsoft home energy management software “Hohm” leaks (updated)

GreenBeat, VentureBeat’s energy-focused technology blog, today published an article about the upcoming Microsoft Hohm software whose trademark I’ve been watching since June 16. The article appears to have been accidentally published ahead of the embargoed time and was retracted soon after. But of course, the internet never forgets 😉

Thanks to Google Cache, a carbon copy of the article confirms Microsoft Hohm is indeed as speculated a home energy management web application to be made available for free to US home owners.

Microsoft leaps into the home energy management game with Hohm

Today, the computing giant introduced Microsoft Hohm, a new online application that will also allow homeowners and businesses to view how much power they are using and how to make money-saving cutbacks. Synthesizing technology licensed from Lawrence Berkeley National Laboratory and the U.S. Department of Energy, the system’s marquee claim is that it provides customers with personalized recommendations for how to save energy and lower their bills. And, unlike its competitors, you can download the application for free starting today.

A video demonstration of the Hohm online interface by Microsoft is available here:

<a href="http://video.msn.com/?mkt=en-US&#038;playlist=videoByUuids:uuids:9b136800-abe2-4c7f-80d8-ba596bdd063f&#038;showPlaylist=true&#038;from=msnvideo" target="_new" title="edited ending Microsoft Hohm Screencast">Video: edited ending Microsoft Hohm Screencast</a>

Update: Presumably in response to this, CNET also seems to have published its Hohm story earlier than expected too. I say this only because other popular blogs (TechCrunch, Mashable, Engadget) appear to be holding back their prepared articles.

Update 2: The story is now back on VentureBeat. Jumping on the bandwagon early, ReadWriteWeb has an article too.

Update 3: You can sign up for the Microsoft Hohm beta here (ahead of time). 🙂

Update 4: A list of US utility retailers and smart-meter providers partnering with Microsoft Hohm at launch includes: Seattle City Light, SMUD, Itron, Xcel Energy, Puget Sound Energy, Landis Gyr.

Update 5: The Microsoft Hohm team also produced this fun viral video “the doggie dishwasher”, promoting Hohm as an “easier ways to go green”.

<a href="http://video.msn.com/video.aspx?vid=9273dcf7-d334-4565-a4cb-514f3693d6f7" target="_new" title="Doggie Dishwasher">Video: Doggie Dishwasher</a>

Bing mobile application concepts

The Live Search mobile application, crippled as it is outside of the United States, is still a very cool mobile search application that featured intelligent voice search and location-based search capabilities that Google could only recently match with the Google app on the iPhone. Now that Bing has taken over Live Search, the mobile application is said to be coming “very soon”. Here are a couple of details about it I picked up from a Microsoft presentation.

The new Bing mobile application appears to be a little more than just a simple rebranding of the old Live Search application. For starters, the client is expanding beyond just Windows Mobile and Blackberry to include the Sidekick and BREW-supported phones, where it is said to ship natively on all Verizon BREW phones starting November. Furthermore, the service will also expand to the European market with local content available for the UK, France and Italy. All of this was initially planned to launch between August and September, which may or may not have changed.

The design of the application is also likely to be changed to incorporate some of the new design elements from Bing. Here are a couple of screen concepts from late April this year.

Bing mobile application concepts

Microsoft changes IE8 “Ten Grand is Buried Here” campaign, users of all browsers invited to participate

A strong marketing effort behind Internet Explorer 8 right now seems to be hitting all the controversial buttons. First came “Browse for the better“, a US food donation program supported by IE8 downloads. Followed by Microsoft Australia’s “Ten Grand is Buried Here“, an online treasure hunting game exclusively for IE8 users. And most recently “Get the facts“, a feature comparison chart comparing IE8 to other browsers. If you agree with “no publicity is bad publicity”, then they sure got their money’s worth.

The Australian “Ten Grand is Buried Here” competition in particular drew a lot of criticism around its messaging towards users of browsers other than Internet Explorer 8 – telling the users to “get rid of it or get lost”. I agree with the view that the words used are very strong, but as a devoted Firefox user, I took no offense at it. Judging from the wild reactions, however, a lot of people did. Microsoft has since responded.

Earlier today, the messaging was briefly changed to “get lost in the hunt”, which I’ve been told is the original context of the message, but another inspection of the site tonight seems to indicate the message no longer targets different browsers. Instead, users of all browsers are encouraged to participate equally, whilst still encouraging the use of Internet Explorer 8.

Furthermore, the underlying concept of the competition appears to have also changed as it no longer states “a cleverly concealed webpage that only Internet Explorer 8 can view”, but now “a webpage you can view in Internet Explorer 8”. The wording appears to have been changed deliberately, which would indicate that the hidden treasure will be viewable on all browsers. I’ve since asked Microsoft Australia to confirm this interpretation. This has been confirmed.

If this is true, then it could be quite the turning point for the competition. No longer could it be viewed as a marketing ploy to coerce people into using Internet Explorer 8; instead, it becomes a fun and potentially extremely rewarding online puzzle game that encourages people to explore the web, sponsored by Internet Explorer 8. Something that users of any browser should be able to get behind.

Finally, if you’re keen on playing along then keep an eye on forum threads like the one on Whirlpool, whose members were quick to solve today’s first clue. The clue “3000 upside down” was solved as the URL prefix “www”, as the number 3000 in Roman numerals is written “MMM”, which flipped becomes w’s.

P.S. The “it’s not as stupid as it sounds” text in the footer was always in context of the “tell a friend” messaging. It implies that telling your friends about this competition is not a bad idea since you might not have the chance to follow or solve all the clues yourself. Some people obviously misinterpreted that.

Update: Microsoft Australia’s Gianpaolo Carraro, the man behind this competition, blogs his thoughts and experiences over the reactions to this competition from around the internet.

Update 2: Microsoft provided the following statement regarding the new competition rules,

“We created the $10,000 Treasure Hunt competition to raise awareness and encourage trials of our new browser, IE8. Already, participation in the competition has been significant. The $10,000 Treasure Hunt competition is open to users of other browsers to encourage a greater spirit of online community and to allow more people to participate. We look forward to announcing the winner.”

Internet Explorer 8 treasure hunt: Microsoft Australia hides $10,000 on a website, find it, keep it

Microsoft Australia is heating up the browser wars with what can be assumed to be the first ever browser-exclusive treasure hunting competition on the internet. Now you might call this sneaky, but 10,000 Australian dollars (or roughly 8000 US dollars) is a pretty compelling reason to use Internet Explorer 8.

The “Ten Grand is Buried Here” competition involves finding a particular Australian website which, only if viewed under Internet Explorer 8, reveals a special “claim” button for the cash prize. Hints as to where it is hidden will be given out on Twitter throughout the competition until it ends on 17 September 2009, or until someone finds it first. I’m sure with so much at stake, no page will be left unvisited.

Of course there’s no stopping international users from also participating in the hunt, but the rules of the competition state only residents of Australia can claim the prize. So if you aren’t from Australia but have somehow stumbled across the treasure, it might be wise to pair up with an Aussie and give him a slice of the winnings. Without suggesting anybody in particular, my commission rates are very competitive.

Since it was launched today, there is a bug where Internet Explorer 8 users who downloaded the “Compatibility View” pack from Windows Update will be mistakenly identified as Internet Explorer 7 users since it automatically applies Compatibility View to Microsoft.com, where this competition is hosted, but I’ve been notified the issue will be fixed soon.

Update: It appears the Compatibility View list cannot be overridden. Users are recommended to disable the compatibility view list by going to their “Tools” menu button, “Compatibility View settings” and unticking “Include updated website lists from Microsoft”. An amusing oversight to say the least.

Microsoft Australia is also sparing no punches if you used other browsers to view the competition page. Using Mozilla Firefox, you’ll see…

In Apple Safari, it reads “you’ll never find it using boring Safari”. In Google Chrome it reads “you’ll never find it using tarnished Chrome”. Unfortunately I do not have Opera handy to test what it says.

Personally I’m not sure if “get rid of it or get lost” sends the right tone, but I think it might reflect just how serious browser wars have become. I can definitely see different people reacting to this promotion differently, but I guess at least the person who scores $10,000 will be a big fan of IE8.

Update: Microsoft Australia has since changed the messaging of this campaign and even the concept of the competition to not discriminate between browsers. Users of all browsers are now invited to participate in the treasure hunt.

Windows 7 UAC code-injection vulnerability: video demonstration, source code released

If I’m beginning to sound like a broken record to you, I respectfully ask you to hear me out for what I would hope is the last time.

[flv:uaccodeinject.mp4 640 400]

I know from my own experience that large chunks of technical blabber on the topic of software security is not the most enjoyable reading experience. To help illustrate my point better, I’ve embedded above a very brief 2-minute long screencast to demonstrate the Windows 7 UAC code-injection vulnerability I’ve been touting. If you don’t plan on reading any further, please at least watch that.

Assuming you have some insights into how this code-injection vulnerability works, I want to elaborate on a couple of points to reinforce my case.

Firstly, I want to touch on the nature of remote code-execution vulnerabilities and how they relate to this code-injection vulnerability. If you’re an everyday Windows user, you will without a sliver of doubt have come across the words “remote code-execution” (RCE) sometime in the past, or even as recently as today, assuming you’ve applied your Windows patches, which cover several RCE vulnerabilities. In case you’re not entirely sure what it means, at the most basic level it describes a system executing code provided to it by a remote source without any intervention from the user. RCE vulnerabilities not only affect Microsoft products, but also Adobe Reader, Mozilla Firefox and many popular third-party software products millions of users trust.

RCE by itself warrants some attention, but with the introduction of the default UAC policy in Windows Vista, the potential impact of RCE vulnerabilities was actually reduced because the malicious code can no longer assume full administrative privileges. Instead, it is limited to the level the target application was running at, which in most scenarios was medium integrity or even low integrity, as in Internet Explorer. However, in conjunction with the default Windows 7 UAC policy and this vulnerability, the potential impact of RCE vulnerabilities is raised, as the malicious code executed could silently elevate itself to have much more free rein over the system than before. If this isn’t enough indication that the default security policy in 7 is worse than Vista, then I don’t know what is.

Secondly, besides the obvious malicious use for the UAC vulnerability, there is nothing stopping it from being abused by legitimate developers and their applications. After I suggested such a scenario in my original article, one such developer has already expressed interest in using this vulnerability in such a way that will remove UAC prompts from his applications.

Now I’m fairly confident that this developer has the best intentions for his users, but what this means if it is ever applied in practice is that for the large majority of users who will use the default UAC policy, UAC prompts will be only a waste of their time. I say this because if some applications can elevate themselves with or without the user agreeing to a prompt, the prompt’s effects are nullified. To look at it in another light, at the default Windows 7 UAC policy, it’s as good as having UAC prompts turned off entirely.

Last but not least, since Microsoft has known about this for half a year as well as indirectly acknowledged and ignored this vulnerability, I have asked Leo Davidson to release the proof-of-concept source code and test application into the wild for public scrutiny. If Microsoft is right in saying this has no security implications, then this should mean nothing. If they are not then, well, at least there is still time to do something about it. A month to be exact.

I realize Microsoft will not by any stretch of the imagination return Windows 7 to the Windows Vista “always on” mode of UAC, there’s too much to lose. What I would like is for Microsoft to acknowledge that there is an increased security risk with using the default Windows 7 UAC policy, and communicate this to users where appropriate.

I’m not saying this is the end of the line for Windows 7, it’s an amazing operating system. But for Microsoft to simply ignore this seems irresponsible to me. There are so many people I’d like to evangelize the product to once it ships, and I’d hate this to be one thing I’d also have to mention.
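
The distinction drawn above between the default Windows 7 UAC policy and the Vista-style “always on” mode can be checked on a given machine from the standard UAC policy values in the registry. The following audit is an added example, not code from this post or from the proof-of-concept it mentions; the function name `Get-UacPromptLevel` and the two sample policies are constructed for illustration.

```powershell
# Added example: classify UAC policy values as "always notify" versus the default level.
function Get-UacPromptLevel {
    param(
        # Optional hashtable of policy values; when omitted, the live registry is read.
        [hashtable]$Policy
    )

    if (-not $PSBoundParameters.ContainsKey('Policy')) {
        $key    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
        $props  = Get-ItemProperty -Path $key
        $Policy = @{
            EnableLUA                  = $props.EnableLUA
            ConsentPromptBehaviorAdmin = $props.ConsentPromptBehaviorAdmin
            PromptOnSecureDesktop      = $props.PromptOnSecureDesktop
        }
    }

    $consent = $Policy['ConsentPromptBehaviorAdmin']
    $level   = "Unrecognised or missing value: '$consent'"

    if ($Policy['EnableLUA'] -eq 0) {
        $level = 'UAC disabled'
    } else {
        switch ($consent) {
            0 { $level = 'Elevate without prompting' }
            2 { $level = 'Always notify (consent for every elevation)' }
            5 { $level = 'Default (consent for non-Windows binaries only)' }
            { 1, 3, 4 -contains $_ } { $level = 'Prompt for every elevation (credentials or consent)' }
        }
    }

    New-Object PSObject -Property @{
        Level = $level
        # True only when every elevation request, including Windows binaries, prompts.
        PromptsForEveryElevation = ($Policy['EnableLUA'] -ne 0) -and (1, 2, 3, 4 -contains $consent)
        SecureDesktop = ($Policy['PromptOnSecureDesktop'] -eq 1)
    }
}

# Constructed sample policies: the "always notify" level and the default level.
$alwaysNotify = @{ EnableLUA = 1; ConsentPromptBehaviorAdmin = 2; PromptOnSecureDesktop = 1 }
$win7Default  = @{ EnableLUA = 1; ConsentPromptBehaviorAdmin = 5; PromptOnSecureDesktop = 1 }

Get-UacPromptLevel -Policy $alwaysNotify | Format-List
Get-UacPromptLevel -Policy $win7Default  | Format-List

# On a real machine, call with no arguments to read the live policy:
# Get-UacPromptLevel
```

A machine reporting `PromptsForEveryElevation` as false is at or below the default level discussed in this post; raising the UAC slider to its top position moves it to “Always notify”.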